AWS Identity and Access Management (IAM) enables identity federation federation to include support for SAML 2.0, an open industry standard used by many identity providers. This new feature enables federated SSO, empowering users to sign into the AWS Management Console or make programmatic calls to AWS APIs, by using assertions from a SAML-compliant identity provider (IdP).

Identity federation makes it easier for you to manage your users by enabling you to maintain your identities within your existing directory. SAML-based federation makes it simple for you to configure federation with AWS because you can use any IdP software that supports SAML (e.g., Windows Active Directory Federation Services or Shibboleth). Using federation, if a user leaves your company, you can simply delete the user’s corporate identity in one place, which then also revokes access to AWS. Your users also benefits because they only need to remember one username and password. Have I got your attention yet?

Read more at Amazon Web Services Blog